home/git: use SSH for signing

fufexan · Aug 22, 2023 · 81201db · 81201db
1 parent 0ef9342
commit 81201db
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 11 deletions.
diff --git a/home/programs/default.nix b/home/programs/default.nix
@@ -33,10 +33,10 @@
       profiles.mihai = {};
     };
 
-    gpg = {
-      enable = true;
-      homedir = "${config.xdg.dataHome}/gnupg";
-    };
+    # gpg = {
+    #   enable = true;
+    #   homedir = "${config.xdg.dataHome}/gnupg";
+    # };
 
     password-store = {
       enable = true;
@@ -46,12 +46,12 @@
   };
 
   services = {
-    gpg-agent = {
-      enable = true;
-      enableSshSupport = true;
-      pinentryFlavor = "gnome3";
-      sshKeys = ["73D1C4271E8C508E1E55259660C94BE828B07738"];
-    };
+    # gpg-agent = {
+    #   enable = true;
+    #   enableSshSupport = true;
+    #   pinentryFlavor = "gnome3";
+    #   sshKeys = ["73D1C4271E8C508E1E55259660C94BE828B07738"];
+    # };
 
     syncthing.enable = true;
   };

diff --git a/home/programs/git.nix b/home/programs/git.nix
@@ -1,4 +1,5 @@
 {
+  config,
   pkgs,
   default,
   ...
@@ -42,10 +43,12 @@
     ignores = ["*~" "*.swp" "*result*" ".direnv" "node_modules"];
 
     signing = {
-      key = "5899325F2F120900";
+      key = "${config.home.homeDirectory}/.ssh/id_ed25519";
       signByDefault = true;
     };
 
+    extraConfig.gpg.format = "ssh";
+
     userEmail = "fufexan@protonmail.com";
     userName = "Mihai Fufezan";
   };

diff --git a/modules/network.nix b/modules/network.nix
@@ -15,10 +15,16 @@
         # allow the Tailscale UDP port through the firewall
         config.services.tailscale.port
         5353
+        # syncthing QUIC
+        22000
+        # syncthing discovery broadcast on ipv4 and multicast ipv6
+        21027
       ];
 
       allowedTCPPorts = [
         42355
+        # syncthing
+        22000
       ];
     };